A couple of months ago, hackers managed to steal the code for EA’s FIFA 21 videogame after they tricked an Electronic Arts employee into providing them with a login token. With a few swift moves, the criminals were in possession of the 780GB source code of EA’s 2021 version of the company’s best-selling franchise. The bad actors then demanded $28 million in ransom.
The criminals threatened the American video game company to sell the source code to the highest bidder or publish it online for everyone to see if the California-based gaming company refused to comply. The origin of the hackers remains unknown.
However, EA was not very impressed with the hackers. The second-largest gaming company in the Americas and Europe said there is barely any sensitive information included in the source code, and they refused to pay the hefty ransom. Immediately after the incident, EA made security improvements and confirmed they do not expect any impact on their games or business.
The hackers saw that EA would not bend a knee and unsuccessfully tried to sell the source code to third parties over the last few weeks. Their efforts were worthless as they experienced the same problem – the lack of sensitive user data would not sound too appetizing for third parties. After weeks of desperate tries to sell the stolen data, the hackers had no other choice but to publish the stolen 780GB source code online for everyone to see. The source code was published earlier this week.
In a statement, EA confirmed that the stolen information does not contain data that concerns player privacy. They have no reason to believe that there is any material risk to EA’s games, business, or players. People can potentially use the code to play FIFA 21 on their own servers illegally, but that is about all.
Panda Security reminds you that downloading and installing cracked versions of video games pose a significant risk as such game versions are often infested with malicious code. The safest way to enjoy a videogame is to purchase a legal copy from the game developer or an authorized dealer.
Hackers, sometimes glorified by media outlets, are not always winners. In this particular case, the hackers wasted time stealing worthless information, broke the law by engaging in extortion attempts, and did not get a cent in return. Even though they did not make any money out of their efforts, if caught, they will be prosecuted as EA is actively working with federal law enforcement officials as part of an ongoing criminal investigation. People and organizations who are adequately prepared rarely become victims of hacker attacks.